Few days ago I observed, all of a sudden, one of the application related cron job started failing with following error.
ORA-06598: insufficient INHERIT PRIVILEGES privilege
This job was intended to drop temporary tables in application schema. We had written a shell script in which SYS user executes procedure owned by application schema.
Only thing that was changed at DB end, that DB was upgraded from 11g to 12c.
After investigating further on the error, I found this was due to a new 12c security feature.
Before Oracle Database 12c, a PL/SQL code/pacakge/procedure always ran with the privileges of its invoker. If its invoker had higher privileges than its owner, then the code might perform operations unintended by, or forbidden to, its owner. Here we can see security gap.
For example, User A creates a new package and we execute it from users with higher privileges, like SYS. Now user A knows that SYS uses this package regularly, so user A could replace the contents of this package with some malacious code any time and do anything in the database, knowing the code will be ran by SYS sooner or later.
In 12c this behavior can be controlled using INHERITANCE PRIVILEGES.
See following link for more details.
INHERIT PRIVILEGES and INHERIT ANY PRIVILEGES Privileges
As of Oracle Database 12c, a PL/SQL code/pacakge/procedure can run with the privileges of its invoker only if its owner has either the INHERIT PRIVILEGES privilege on the invoker or the INHERIT ANY PRIVILEGES privilege.
I was able to resolve the issue after issuing below command:
SQL> grant inherit privileges on user sys to <application schema>; Grant succeeded.
Hope so u will find this post very useful 🙂
Cheers
Regards,
Adityanath
Categories: 12c, Administration, Advanced features
Adityanath's Oracle Blog 
Like!! Thank you for publishing this awesome article.
An excellent post, congratulations !!
Hey very cool web site!! Man .. Excellent .. Amazing .. I’ll bookmark your website and take the feeds also…I am happy to find numerous useful information here in the post, we need develop more strategies in this regard, thanks for sharing. . . . . .
Nice read, I just passed this onto a friend who was doing some research on that. And he actually bought me lunch since I found it for him smile Thus let me rephrase that: Thanks for lunch!
An outstanding share! I have just forwarded this onto a colleague who was
conducting a little homework on this. And he in fact
ordered me dinner simply because I stumbled upon it for him…
lol. So let me reword this…. Thank YOU for the meal!!
But yeah, thanks for spending the time to discuss this topic
here on your web site.
I used to be able to find good advice from your content.
I blog quite often and I really thank you for your information. Your article has truly peaked my interest. I’m going to take a note of your site and keep checking for new details about once per week. I subscribed to your Feed as well.
Pretty! This has been an extremely wonderful article. Thank you for providing this info.
Simply wish to say your article is as astounding.
The clarity to your post is simply nice and i can assume you are knowledgeable in this subject.
Well together with your permission let me to clutch your RSS feed to stay
updated with approaching post. Thank you 1,000,000 and please keep up the rewarding work.
Hi! Do you use Twitter? I’d like to follow you if that would be okay. I’m absolutely enjoying your blog and look forward to new updates.
Hi there I am so thrilled I found your web site, I really found you by accident, while I was looking on Yahoo for something else, Anyways I am here now and would just like to say thanks for a remarkable post and a all round entertaining blog (I also love the theme/design), I don’t have time to look over it all at the minute but I have saved it and also included your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the great work.
Neat blog! Is your theme custom made or did you download it from somewhere? A theme like yours with a few simple tweeks would really make my blog stand out. Please let me know where you got your design. Appreciate it
Nice post. I learn something totally new and challenging on blogs I stumbleupon everyday. It will always be useful to read content from other authors and practice something from other sites.